package com.ht.activiti.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.*;

/**
 * 这个是shiro测试框架
 * @author zhangfc
 * @date 2021/11/3 14:24
 */
@RestController
public class HomeIndexController {

    @GetMapping("/login")
    public String defaultLogin(){
        return "首页";
    }

    @PostMapping("/login")
    public String login(@RequestParam("username")String username,@RequestParam("password") String password){
        //从SecurityUtils里边创建一个subject
        Subject subject = SecurityUtils.getSubject();
        //在认证提交前准备token(令牌)
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        System.out.println(token.toString());
        try {
            //登录
            subject.login(token);
        } catch (UnknownAccountException e)
        {
            return "未知账户";
        }catch (IncorrectCredentialsException ice){
            return "密码不正确";
        }catch (LockedAccountException e){
            return "账户已锁定";
        }catch (ExcessiveAttemptsException eae){
            return "用户名或者密码错误次数过多";
        }catch (AuthenticationException e){
            return "用户名或者密码不正确";
        }
        if (subject.isAuthenticated()){
            return "登录成功";
        }else {
            token.clear();
            return "登录失败";
        }
    }


}
